<?php defined('BASEPATH') or exit('No direct script access allowed');

class User_model extends EXT_Model
{
	public $user = null;
	public $is_admin = false;

	public $list_filter_fields = array('fullname', 'email', 'group_id', 'last_login', 'id', 'status');
	public $list_orderby = array('fullname asc', 'id desc');

	protected $_table = 'users';

	public function __construct()
	{
		parent::__construct();
		$this->load->library('permission');
		$this->load->library('session');
		// check logged in
		$username = $this->session->userdata('username');
		$password = $this->session->userdata('password');
		$logged_in = $this->session->userdata('logged_in');
		if($logged_in)
		{
			$this->item_where = array(
				'username'=>$username,
				'password'=>$password,
			);
			$user = $this->getUser();
			if($user)
			{
				$this->user = $user;
				$this->is_admin = ($user->group_id==1);
			}
		}
		if(!$this->loggedIn())
		{
			$this->login_remembered_user();
		}
	}

	public function login($username, $password, $remember = false)
	{
		$this->item_where = array(
			'username' => $username,
		);
		$user = $this->getUser();
		if(!$user) return false;

		$password = md5($user->salt.$password);
		if($user->password !== $password)
			return false;

		$this->user = $user;
		$session_data = array(
			'user_id' => $user->id,
			'username' => $username,
			'password' => $password,
			'old_last_login' => $user->last_login,
			'logged_in' => true
		);
		if($remember)
		{
			$this->_remember_user($user);
		}

		$this->update_last_login($user->id);
		$this->session->set_userdata($session_data);
		return true;
	}

	public function logout()
	{
		$session_data = array(
			'user_id' => '',
			'username' => '',
			'password' => '',
			'old_last_login' => '',
			'logged_in' => FALSE
		);

		 $this->session->unset_userdata($session_data);
		 $this->session->sess_destroy();

		delete_cookie('remember_code');
		delete_cookie('username_login');

		return true;
	}
	public function getUser($pk=null)
	{
		$user = $this->getItem($pk);
		if(!$user) return $user;

		return $user;
	}

	public function loggedIn()
	{
		if($this->user)
			return true;

		return false;
	}
	public function isAdmin()
	{
		return $this->is_admin;
	}

	public function login_remembered_user()
	{
		$username = get_cookie('username_login');
		$remember_code = get_cookie('remember_code');

		if (!$remember_code || !$username) return false;

		$this->item_where = array(
			'username' => $username,
			'remember_code' => $remember_code,
		);
		$user = $this->getUser();
		if($user)
		{
			$this->user = $user;
			$this->is_admin = ($user->group_id==1);

			$session_data = array(
				'user_id'  => $user->id,
				'username' => $user->username,
				'password' => $user->password,
				'old_last_login' => $user->last_login,
				'logged_in' => true
			);

			$this->session->set_userdata($session_data);
			$this->update_last_login($user->id);

			// reset cookie remember
			$this->_remember_user($user);

			return true;
		}

		return false;
	}


	public function update_last_login($user_id)
	{
		$data = array(
			'id' => $user_id,
			'last_login' => date('Y-m-d H:i:s', time()),
		);
		return $this->update($data);
	}

	function _remember_user($user)
	{
		if (!$user) return false;

		$salt = sha1(md5(microtime()));
		$expire = 60*60*24*365*1;
		$data = array(
			'id' => $user->id,
			'remember_code' => $salt,
		);

		if ($this->update($data) != false)
		{
			set_cookie('username_login', $user->username, $expire);
			set_cookie('remember_code', $salt, $expire);

			return true;
		}

		return false;
	}

	public function generateSalt($s=8)
	{
		// Get some pseudo-random data from mt_rand().
		$rand='';
		for($i=0;$i<8;++$i)
			$rand.=pack('S',mt_rand(0,0xffff));
		// Add the microtime for a little more entropy.
		$rand.=microtime();
		// Mix the bits cryptographically.
		$rand=md5($rand);
		// Form the prefix that specifies hash algorithm type and cost parameter.
		// Append the random salt string in the required base64 format.
		$salt=strtr(substr(base64_encode($rand),0,(int)$s),array('+'=>'.'));
		return $salt;
	}
}




